Post form 400 error:
Right way:
Add this in the head section of your layout:
= Html::csrfMetaTags() ?& gt;
———————————
It is not recommended to cancel CSRF token verification as follows:
Add this in your controller:
public $enableCsrfValidation = false;
Other methods:
The original problem is CSRF verification, because the form is written by itself. In the framework of Yii, in order to prevent CSRF attacks, CSRF token verification is encapsulated in the form data of post.
Solution turn off CSRF verification
Method 1: close in the funding document
‘components‘=> array(
‘request‘=> array(
// Enable Yii Validate CSRF Token
‘enableCsrfValidation‘ => true,
),
),
When using the Yii form to generate a page, if the form is submitted by post, a hidden field will be added to the page, which is the CSRF token verification field
When users submit the form, they submit the field to the server. The Yii framework will send the hidden field submitted by the client and the Yii in the cookie submitted by the client_ CSRF_ The value of token was compared.
If it is the same, it will continue to execute. If it is not the same, it will throw a 400 exception: “the CSRF token could not be verified.”.
So the above problem appears. If you write your own form, you can add a hidden token verification field to the form on the view page
Method 2: add hidden verification fields in the form
If you don’t want CSRF verification, modify the true of method 1 to false, so that Yii won’t do post form verification.
Ajax post 400 error:
Ajax post is also used in movies recently. So I’m looking for answers on the Internet. Finally, I found the answer in Yii from unintentionally_ CSRF_ Token, because I have enabled enable csrfvalidation ‘= & gt; true , So CSRF verification is added to the request. So when Ajax makes an Ajax post request, it can’t pass the verification.
Solution: just add Yii manually when you request_ CSRF_ Just token!
For example:
//Send Ajax $. Ajax ({type: “post”, datatype: “JSON”, URL: “index. PHP?R = movie/insertfavorite”, data: {movie_ id‘:‘<?php echo $_ GET[‘id‘]?& gt;‘,‘ YII_ CSRF_ TOKEN‘:‘<?php echo ii::app()-> request-> csrfToken>‘}, cache: false, error: function (XMLHttpRequest, textStatus, errorThrown) { alert(errorThrown); }, success:function(data){ var result=eval(“(“+data+”)”); alert(data) }, });
Read More:
- [nodejs] error request aborted after request routing in post mode
- egg.js The frame post request reported an error of invalid CSRF token security verification, which has been solved
- Django + jQuery get data in the form + Ajax send data
- Encapsulation of Ajax JSON / fromdata request in native JS
- JS Ajax request is successful, the response displays “failed to load response data”
- Jetty9 change post request length
- ajax error 400 (Failed to load resource: the server responded with a status of 400 (Bad Request))
- Error: timeout of 5000ms exceeded error is always reported during post request
- Resourceaccessexception: I / O error on post request for and connection timed out
- When feign is called, the solution of request method ‘post’ not supported appears
- Ajax error reporting cross domain, AJAX cross domain access error 501 solution
- Error domain = nsurlerrordomain code = – 1001 “request timeout occurred in swift alamofire get request. ” UserInfo={NSUnderlyingErro
- Solve the problem that the delete request is not available under SpringBoot. There was an unexpected error (type=Method Not Allowed, status=405).
- When to enter success and error in AJAX
- Solve the problem of request method ‘get’ not supported
- Flask Request an extension before_request after_request errorhandler
- HTML method IE8 reports an error, IE8 jQuery Ajax obtains static resources reports an error, typeerror denies access
- An Ajax HTTP error occurred in drupal7 installation occurred.HTTP Result Code
- request:fail url not in domain list or Cannot send network request to localhost
- Ajax can’t download file to browser